Tech Orbiter The best apps, services, and tips for you Sun, 10 Jan 2021 13:26:17 +0000 en-US hourly 1 Tech Orbiter 32 32 62549615 How to Substitute Fonts in Firefox for Windows without Extensions (Bye Arial!) Sun, 10 Jan 2021 14:00:00 +0000 read moreHow to Substitute Fonts in Firefox for Windows without Extensions (Bye Arial!)

As a Windows user for over a decade, I have grown a bit tired of two fonts/typefaces – Arial (in particular) and Segoe UI (to a lesser extent). Arial is the infamous Helvetica clone that continues to be used on far too many websites. Segoe UI has been the default typeface of Windows since Vista, and is slowly gaining traction as a web font. In fact, if you’re reading this article on a Windows PC, most of the text is likely displayed in Segoe UI.

credit: imgflip and Wikipedia

Windows registry has a folder (also known as “key”) called “FontSubstitutes” where you can define substitutes for specific fonts. For example, Windows does not include Helvetica (possibly due to licensing costs), instead it declares Arial as the substitute for Helvetica. This way, any websites or apps that use Helvetica will automatically switch to Arial when opened in Windows.

Most apps will honor the FontSubstitutes rules only for fonts that are not available in Windows (like Helvetica). If you add a font substitute for Arial, these apps will ignore the rule and continue to display Arial. You’ll have to go an extra step and scrub all filenames of Arial from a separate folder called “Fonts” so that Windows thinks that it’s not available on your PC. There is a bigger scope to mess things up in the Fonts folder than in FontSubstitutes, so this step can be risky.

Thankfully, Firefox is an exception here (as are many apps made with the Qt toolkit). It will accept any rules defined in FontSubstitutes without tinkering with the Fonts folder. If you use Firefox, this is an easy way to banish any unsavory fonts from the browser. Read on for the steps.

⚠ Just a heads up that editing the registry can be risky, so be sure to follow instructions exactly, and keep a note of all the changes that you do (in case you need to revert them).

  • Click the Start button on your desktop, type “registry”, and open the Registry Editor from the search results. You will need administrator privileges to open it.
  • Navigate to this folder from the left pane: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
  • Right click anywhere on the blank area and select “New” > “String Value”.
  • Enter the font that you want to replace (like, Arial, Segoe UI, or anything else) as the name of this entry.
  • Double click the entry and enter the font you want to display (as the substitute) in the “Value data” box. Click OK.

Do this for all fonts that you want to replace, restart your PC, and open Firefox to verify. If you want to revert the changes, head back to FontSubstitutes and delete/reset the respective entries.

I have set rules for the below fonts and replaced all of them with Inter, a very nice typeface from Rasmus Andersson.

  • Arial
  • Microsoft Sans Serif and MS Sans Serif (very similar to Arial and sometimes used in its place)
  • Segoe UI
  • Helv and Helvetica (changed from Arial to Inter)

There are many other good fonts available to install on Google Fonts. If you want to use any such third party font as a substitute, download and install it first before adding the registry entries. Fonts are generally available in .ttf or .otf formats.

⚠ Premium fonts available from sketchy “free download” sites are illegal and can be a vector for malware. Avoid them and stick to trusted sites like Google Fonts if you want good quality fonts that are free to use.

Note that these steps will work only in Firefox, and not other browsers like Chrome, Edge, Brave, etc (or most apps, for that matter). If you use one of these browsers, the steps may be a bit more involved or may not work at all. I will cover them in a future post if I find a suitable solution. Let me know if you have any questions in the comment section below.

]]> 0 4526
How to Disable Rewards, Tor, Enable Sync, and Other Tips Regarding Brave Browser (Desktop) Sat, 09 Jan 2021 13:30:00 +0000 read moreHow to Disable Rewards, Tor, Enable Sync, and Other Tips Regarding Brave Browser (Desktop)


Brave is one of the more privacy friendly browsers out there today. It’s based on Chromium (the same project that powers Google Chrome), but offers many perks like automatic tracking protection, decentralized syncing, support for Chrome extensions, etc, on top. While Brave gets a lot of things right, you could do without a few of its default settings.

Disable Brave Rewards ⬆

The “shields” feature in Brave blocks tracking cookies, pop-ups, fingerprinting scripts, and invasive ads by default. The company does understand that this negatively affects many content creators who rely on advertising revenue to keep their websites and services running.

To offset this, Brave includes “Rewards” – a feature that pays Brave users to occasionally view privacy-friendly ads. The payment is done in BAT (Basic Attention Token), a cryptocurrency that’s exclusively available through the browser. Users can choose to either contribute their earnings to frequently visited websites, or use it on the trading platform

Most of the internet depends on advertising, but modern script based ads have many problems – bloated website pages, unnecessary data collection and tracking, decreased device performance and battery life, to name a few. Ad blocking affects content creators, while allowing ads to load can sometimes cause a poor experience for users. This is an all-around sticky situation, and I must applaud Brave for trying to tackle it with a novel approach. That said, Brave Rewards may not always present a pleasant experience, and you are free to turn it off.

Rewards is an opt-in feature, which means it will only activate with your consent. If you’ve already consented to it and would like to turn it off now, the steps are easy.

Click the hamburger button (≡) on the top right part of Brave, and open “Brave Rewards”. Switch off “Brave Ads” and “Auto-Contribute”.

To hide the Rewards button on the address bar, go to > “Settings” > “🖥 Appearance”, and enable the option “Hide Brave Rewards button”. You can use the search button to find the relevant options if you’re unable to locate them at a glance (there are a lot of options in Brave).

Disable (or enable) Crypto Wallets ⬆

Besides Rewards, Brave also supports native and third-party crypto wallets to manage cryptocurrency like Ethereum. This is another opt-in feature that you will have to manually enable. There is currently no option to reset/delete any wallets that you have created or added, but you can stop them from launching automatically.

Go to > “Settings” > “🧩 Extensions”, and set the first two options to “None” and off, respectively. Reopen Brave for the change to take effect.

Set "Ethereum provider for using Dapps" to "None", and turn off "Load Crypto Wallets on startup"

Disable Tor, WebTorrent, and other extensions ⬆

While we are on the extensions page, you may also want to disable all or some of the below extensions. Move on to the next part if they are already off, or if you’d like to keep using them.

  1. Allow Google login for extensions: allows extensions made by Google (like Hangouts or Keep) to access your Google account
  2. Private window with Tor: Tor allows anonymous browsing, but it can be incredibly slow and frustrating for most users
  3. WebTorrent: it can handle torrents directly inside the browser, including streaming media files without the need to download them

In addition to the above, you can enable the “Media Router” extension to get Chromecast functionality in Brave.

Install Chrome extensions ⬆

Brave supports most extensions on the Chrome Web Store. If you have a favorite in mind (or ten!), head over there and install them just as you’d on Chrome.

Enable Sync ⬆

Like most modern browsers, Brave can sync your bookmarks, extensions, history, and more across devices, both desktop and mobile. Brave Sync is unique in that it’s fully decentralized – the data only moves between your devices through encrypted peer-to-peer technology and is never sent to Brave’s servers.

Setting up Sync is fairly straightforward. Head over to > “Sync” and follow the instructions.

Disable sponsored images, stats, and more on the start page ⬆

Brave’s new tab page has a bunch of widgets to show information like top visited sites, time, news, stats from Brave Shield, and more. You can disable any or all of them from the Customize link on the bottom right part of the page.

Block social media tracking across sites ⬆

You have probably come across embedded tweets and Facebook posts on various sites. These embeds require JavaScript which can be used to track you across the web, outside of the social media sites. You have an option to block them in Brave under > “Settings” > “👎 Social media blocking”. Disabling the first two options will also stop you from logging into other sites with Google and Facebook, respectively.

Turn off telemetry ⬆

Brave includes minimal telemetry to detect crashes and improve their product. I’d suggest leaving these on, but you can disable them under > “Settings” > “Additional settings” > “🔒 Privacy and security”.

Enable aggressive mode in Brave Shields ⬆

Brave Shields uses a “standard mode” as the default option. This should work well for most users, however there’s an aggressive mode available to block a larger set of invasive cookies, ads, fingerprinting scripts, etc.

Head over to > “Settings” > “🛡 Shields” to turn it on.

Note that the strict mode might break some websites. You can give it a spin and go back to balanced mode if something breaks. You can also disable Brave Shields on a per-site basis, and I’ll recommend you to do it for websites that respect your privacy and don’t blast your screen with banners and pop-ups.

Are there any other Brave features you’d like me to cover? Let me know in a comment below or through the feedback form.

]]> 0 4283
How to Change Search Engines, Enable Secure DNS, and Others Tips Regarding Microsoft Edge (Desktop) Thu, 07 Jan 2021 13:30:00 +0000 read moreHow to Change Search Engines, Enable Secure DNS, and Others Tips Regarding Microsoft Edge (Desktop)

Microsoft’s Edge browser is now based on Chromium, the same project that powers Google Chrome, Opera, Brave, and pretty much every major web browser not named Firefox and Safari. Edge is one of the better Chromium browsers, however you could do with changing a few of its default options.

Switch a different search engine

Edge has two search boxes on every tab – the address bar itself and a dedicated search box below the Microsoft logo. Both use Bing as the default search engine, and interestingly, both have their separate options to change the search engine. These options used to be in different places earlier, but Microsoft has thankfully placed them together now.

To change the search engine, click the three dots (···) on the top right corner and go to “⚙ Settings” > “🔒 Privacy, search, and services”. We will be visiting this page multiple times in this article, as many of the extra features in Edge can be turned on or off here.

Scroll down to the bottom of the page, and select the menu that says “Address bar and search”.

Click the small images below to enlarge them.

Alternately, you can type edge://settings/search in the address bar and hit Enter to open the page.

Select your preferred option in the drop-down menu that says “Search engine used in the address bar”.

Select a different search engine from the drop down menu

To make the search box use your choice (instead of Bing), select “Address bar” for the drop-down that reads “Search on new tabs uses search box or address bar”.

Set the search box to use the same search engine as the address bar

Hide Collections (or remove Pinterest suggestions from it)

The Collections feature lets you save web pages, text snippets, screenshots and the likes for future reference. If you don’t see yourself using it, right click its icon on the toolbar and hide it.

Hide the Collections button from the toolbar

If you like Collections but could do without the “suggestions” from Pinterest, disable it from ··· > “⚙ Settings” > “🔒 Privacy, search, and services” > “Services”.

Disable the option that says "Show suggestions from Pinterest in Collections"

Enable extensions from Chrome Web Store

Edge has its official store of useful extensions, but it can also run most extensions from the much larger Chrome store with a simple switch.

Go to ··· > “🧩 Extensions”, and enable the switch that says “Allow extensions from other stores” on the bottom left corner.

You can now head over to the Chrome store and install pretty much anything in there.

Enable strict tracking prevention

Edge includes a handy tracking prevention feature that’s enabled out of the box in “balanced” mode. This should work well for most users, however there’s a strict mode available to block a larger set of invasive cookies, ads, fingerprinting scripts, etc.

To enable strict tracking mode, head over to ··· > “⚙ Settings” > “🔒 Privacy, search, and services”.

Select the strict mode on the privacy page of Edge

Note that the strict mode might break some websites. You can give it a spin and go back to balanced mode if something breaks. You can also disable tracking protection on a per-site basis, and I’ll recommend you to do it for websites that respect your privacy and don’t blast your screen with banners, pop-ups, and notices.

Click the lock icon on the address bar and set tracking prevention to "off" to disable it for individual sites

Hide the news feed

Every new tab on Edge includes a “news feed” – an unending list of articles from This is easily my least favorite feature of the browser, and I’m very thankful that turning it off is easy. Check my previous article on how to turn this off for good.

Select the "content off" option in Microsoft Edge
Select the “content off” option in Microsoft Edge to turn off news articles in the new tab page

Enable encrypted DNS (DNS-over-HTTPS or DoH)

You can enable DoH for better security and privacy when browsing the web. Open the privacy settings page that we have visited a couple of times above (··· > “⚙ Settings” > “🔒 Privacy, search, and services”), and select a DoH service provider from the drop-down. I prefer Cloudflare, but all the listed providers are solid options.

Disable (some) telemetry and personalization

On the same page, disable the option to “personalize your web experience” to limit data collection and use by Microsoft.

Disable shopping assistant

Edge’s shopping assistant will automatically price match and apply coupons for you, but it probably doesn’t work all over the world (the landing page doesn’t mention where it works). It’s a safe bet to assume that if you live outside the US/CA/EU regions, it may not work for you.

If you haven’t seen a coupon or deal alert on Amazon or other shopping sites, you can turn off the feature on the privacy page.

Disable the option that reads "Save time and money with Shopping in Microsoft Edge" towards the bottom of the page

Are there any other Edge features you’d like me to cover? Let me know in a comment below or through the feedback form.

]]> 0 4074
How to Stop VLC Player from Automatically Resizing to Fit Video Resolution (on Desktop) Thu, 03 Dec 2020 10:38:20 +0000 read moreHow to Stop VLC Player from Automatically Resizing to Fit Video Resolution (on Desktop)

When you open a video in VLC player, the app automatically resizes its window to fit the video resolution. The exception to this case is if VLC was maximized before, in which case it will continue to open in maximized state. If you’d rather have VLC remember its window size and not resize every time to fit a video’s resolution, there’s an easy fix for it.

In VLC player, go to Tools > Preferences 🔧 > Interface, and uncheck the option that says “Resize interface to video size”. Click Save and you’re done. This works regardless of whether you’re on Windows, macOS, or Linux.

Open VLC player and go to Tools > Preferences
Uncheck the option to "resize interface to video size"

Featured image: VLC Icon on Iconscout

]]> 0 3943
How to Disable #Pocket in #Firefox Browser for Desktop Wed, 02 Dec 2020 05:32:42 +0000 read moreHow to Disable #Pocket in #Firefox Browser for Desktop

Pocket is a “read-it-later” service that’s built into Firefox. It allows for saving web pages for future reading, and for surfacing articles it thinks you may find useful or interesting. This is good if you’re a Pocket user, but it’s a bit unnecessary for people who have no use for the service. There are two Pocket features in Firefox – a button on the address bar Pocket button, and a recommended list of articles on the new tab page. Here’s how to disable them both:

Pocket button Pocket button

Type about:config in the Firefox address bar and hit Enter.

Type about:config in the Firefox address bar and hit Enter

Click the button to “Accept the Risk and Continue”.

Click the button to "Accept the Risk and Continue"

Type “extensions.pocket.enabled” in the search bar, and double click the entry to change it to “false”.

Set extensions.pocket.enabled field to "false"

If you want to re-enable the Pocket button in future, follow the same steps as above and set the above entry’s value to “true”.

Recommended by Pocket articles

Click the ⚙ icon on the top right corner of the new tab page.

Settings icon on the top right corner of the new tab page in Firefox

Alternately, you can go to Tools () > Options > Home > Firefox Home Content, or simply type about:preferences#home in the address bar and hit Enter.

Uncheck the option to show “Recommended by Pocket” articles.

Uncheck the option to show "Recommended by Pocket" articles.

If you don’t see this option, it means Mozilla hasn’t rolled it to your location, and you can ignore the above step.

Featured image source: Pocket Icon on Iconscout

]]> 0 4001
How to Disable the News Feed in Microsoft Edge (Updated for Chromium Edge) Sat, 23 May 2020 14:15:00 +0000 Update: The original steps mentioned in this post do not work for the new version of Microsoft Edge, with looks and works a lot like Google Chrome. If you already have the new version of Edge, follow the steps highlighted below.

Open Edge, and on the “new tab” page click ⚙ > Custom. ⚙ icon is near the top right corner of the page.

Select “Content off” to disable the news feed.

Original post:

Edge is the much hyped new browser in Windows 10, and one of its new features is a personalized start page that shows you local weather and personalized news. While many may find it useful, others (like me) will find the cluttered look off-putting.

Lets be honest, no one wants murder stories on their browser.
Too much clutter.

Turning off the news feed from the start page is currently not possible, but you can get rid of it with a simple tweak. Go to Settings, and change the Open with option to New tab page. New tab pages don’t show the news feed by default, so this setting will hide the clutter on browser launch.

If you want to go the other way, and show the news feed on every tab, open up Settings and change Open new tabs with to Top sites and suggested content.

News feed on new tab tage

How do you like Edge? Let us know in the comments!

]]> 22 274
How to Enable Encrypted SNI in Firefox #eSNI Thu, 21 May 2020 12:53:01 +0000

Update 01/01/21: As kindly pointed out by Zagzigger in the comments section below, ESNI is not working for many users on the newer versions of Firefox. The issue unfortunately seems unlikely to be fixed, as ESNI is an outgoing technology that will be eventually be replaced by the more comprehensive ECH. Details on ECH: The ECH technology stack is on track to be added to Firefox in 2021.

If the below steps don’t work for you, consider using the “ESR” (extended support release) channel of Firefox for the time being. It’s an older version of Firefox that’s fully supported by Mozilla and is meant for enterprise environments.

What’s SNI?

SNI stands for Server Name Indication. It’s an extension to TLS that allows multiple online services (websites) with unique encryption certificates to share the same IP address.

Jump straight to the point…

Wait…what’s TLS? And “encryption certificates”?

TLS, or Transport Layer Security, is a protocol used to encrypt (or scramble) data passing over the Internet so that it cannot be intercepted on the way. Let’s say you’re doing a bank transaction online. You will not want a “middle man”, say your internet provider, your Wi-Fi network admin, or a nefarious hacker, to snoop on the transaction. This is where TLS comes in handy. It is part of a software stack that allows online services to protect sensitive data transfers by encrypting them on the way to your computer or mobile device.

Any website aiming to provide an encrypted connection requires a digitally signed certificate assigned to it. Such certificates can be obtained from an authorized vendor such as Comodo, Let’s Encrypt, Cloudflare, VeriSign, etc.

Why encrypted SNI?

There’s been a recent trend to encrypt all communication that happens online, be it the content of websites or DNS queries to access those sites. Part of this is a push to improve privacy of all types of data transfers (not just sensitive data), and part is due to broad availability of encryption options at zero to little cost. Encrypted sites also fare better on Google search results, which is a nice little incentive on top.

SNI is a weak link in this equation as it’s not encrypted by default. An SNI request includes the website address in plain text, allowing your internet provider to detect and block that request. Encrypted SNI was introduced as a proposal to close this loophole.

Read more about encrypted SNI and Firefox’s support on Cloudflare…

Note that the proposal is still under review, has undergone multiple revisions, and may take years to become a standard. Encrypted SNI also works only when it’s been enabled on both client (your computer) and server (the website) side. All this is to say that the support in Firefox is currently experimental and will continue to improve as the draft for eSNI matures.

How to enable eSNI in Firefox?

Firefox is currently the only web browser to support eSNI. Other browsers are expected to follow suit when the proposal becomes a standard.

Before enabling eSNI, I will recommend enabling encrypted DNS in Firefox. Unencrypted (or “plain text”) DNS defeats the purpose of eSNI, so follow these quick steps to encrypt it first:

Open Firefox, and go to Tools (⚙) > Options.

Scroll all the way down to Network Settings and click the Settings… button.

Once again, scroll all the way down to “Enable DNS over HTTPS”. Select your DNS provider, enable the option, and click OK.

Now that DNS over HTTPS (DoH) is on, follow these steps to enable eSNI:

In the Firefox address bar, type about:config and hit Enter.

Accept the prompt to “proceed with caution”.

Search for “esni” and click the “Toggle” button next to to enable this switch.

That does the job. Firefox will encrypt SNI requests to websites that support the feature, and your browsing sessions will be a bit more private.

]]> 8 3959
How to Automatically Update Apps on your Windows PC with Ninite Mon, 18 May 2020 16:41:11 +0000 Keeping your apps up-to-date is important, be it for bug fixes, security patches, or new features. Unless you only install apps from the Microsoft Store, which is a bit lacking to put it mildly, Windows does not provide a centralized feature to update apps. In this article, we will tackle this issue using the excellent free service Ninite and a simple Windows task.

Ninite is an online service that lets you install many popular Windows apps in bulk. Just select the apps you want, download and open the installer, and it will do the rest for you. It will even refuse all prompts to install bloatware, like browser toolbars and extensions, on your behalf.

Ninite offers its own software updater app, with subscription rates starting at USD10 per year. It’s a good deal, and something you can certainly consider to support their useful service, but you don’t have to buy a subscription for personal use if you can’t afford it.

The standard Ninite installer, which is free, will apply any updates it finds when you run it. To fully automate this, you can create a Windows task that runs the Ninite installer file periodically, say once a week.

Open, choose your apps, and download the installer to your desktop. Make sure you include any apps that are already installed on your PC, along with the apps that you’d like to add. Feel free to skip web browsers like Chrome and Firefox, as they update automatically by default.

The installer file should be saved in your Downloads folder. If you’re like me and clean this folder out periodically, you will want to move the Ninite file to a different location. I rename the file to “Ninite.exe” and save it in a separate folder called “Scheduled”.

Place the Ninite file in a new folder

Now, search for Task Scheduler and open it from the Windows search bar. On the right pane of Task Scheduler, click “Create Task…”.

You will need a name, a triggering rule, an action item, and some conditions for the task. The settings that I use are a good starting point – refer the images in this gallery and configure your task similarly.

Save the task, and run it manually to verify if everything works correctly.

Right click on the task and run
Right click on the task and run

The Ninite installer will run and update any app that has a new version.

That’s all there is to it. The task will run automatically on schedule and keep your apps up-to-date.

]]> 0 2665
How To Put Your WordPress Site On Autopilot Maintenance Mode Sun, 06 Mar 2016 12:18:27 +0000 That first site you created awhile back isn’t working out. It’s dear to your heart. You spend way too much time on it. But you have much bigger projects on hand, and you need to let the first one go. You don’t have to shut it down, you just have to not spend any more time on it.

Here’s how to sunset a WordPress site gracefully (hint: automate everything).

1. Set up auto-renewal of domain and hosting.

You don’t want to wake up one day and find your site is down because you forgot to renew the domain or the hosting. Punch in your credit card details, turn on auto-renewal, and let your host do their thing. Domains don’t cost a lot, and hosting won’t either if you have other bigger projects on the same account. If you have ads on your site, it might even pay for itself.

2. Set up background auto-update of WordPress core, themes, and plugins.

There are a few updates that WordPress handles automatically,

  • minor point core updates
  • critical themes and plugin updates, as decided by the WordPress team

But that’s not enough. You want your WordPress to update everything on its own, so you don’t have to keep coming back and apply them.

This is easy to achieve. The Codex has an article on how to turn on automatic background updates by adding a few lines of code to wp-config.php or to a site specific plugin.

Related: How to automatically update themes and plugins in WordPress

3. Amp up your site’s security.

There are endless ways to improve your site’s security, and it’s impossible to know or cover all of it. But the following steps have the basics covered.

3.1. Read point 2 above. This solves 90% of the problems.

3.2. Use Jetpack and turn on the Protect module. It will prevent brute force attacks on your site.

3.3. Use Single Sign On. This will disable native login (wp-login) on your site, and let you use your credentials instead. Here’s an article on how to turn it on. Make sure you have two factor authentication enabled on

3.4. Ditch outdated plugins. WordPress plugins are wonderful, but if one hasn’t been updated in six months or more, it’s time to uninstall it. It’s probably been abandoned by its developer, and any future security holes discovered in the plugin will leave your site open to attacks.

3.5. Use a theme that’s regularly updated and looks future proof.  Using a theme that is no longer maintained by its developer, or one that may not keep up with the design trends in a few years, is not a good idea. Choose wisely.

3.6. Put your website behind a security service like CloudFlare. This is totally optional, but CloudFlare provides excellent security and performance benefits for free, and many more features for a fee. We have covered CloudFlare a ton of times before – you can go through those posts here.

4. Check, and double check your site’s layout, widgets, footer text, user profile, etc.

And then, triple check everything. This may not seem like a big deal, but it is. You don’t want to randomly visit your site one day, find something amiss, and have to log in to fix it.

You also want emails coming from your site to land in your inbox, so check if all the information in your profile and site settings are correct.

Check if Google Analytics and WordPress Stats are configured properly, so the stats keep updating.

5. Fix broken links, images.

Don’t leave broken links and images around. Use the Broken Link Checker plugin to check and fix them. You don’t even have to hunt around for the correct replacements, you can just remove the broken stuff and be done with it. No one will notice.

6. Check for errors in Google Search Console. Fix them.

If your site gets some traffic from Google and other search engines, you don’t want that to taper off suddenly. Log in to Google Search Console (and Bing Webmaster Tools, if Bing sends you traffic), check for crawl errors, and fix them. It’s very hard to have zero errors at any given time, and they will usually keep building up over time. Just fix as much as you can, one last time. If Google Search Console has some recommendations, follow them. You’re not gonna do this any more, so invest a bit of time in fixing and future proofing whatever you can.

7. We were kidding. You have to keep coming back.

Okay, hear us out. It will be just once in a few months, if everything works as planned, but it’s gonna happen.

Every two weeks or so, run your site through Sucuri SiteCheck. The protections you set up will hold their own, but it’s always good to have a periodic check. Every six months, log in to Google Search Console and check for crawl errors. If your site still gets search engine traffic, fix the errors. Every six months, log in to your site dashboard, and check for plugins that haven’t been updated in a while. Remove them.

Set up a reminder for all these tasks in your note taking app, so you don’t forget them.

Enable the Monitor module in Jetpack, so that you will get emails when/if your site goes down. If it stays down for a long time, check with your web host.

That’s the basic checklist. If you have ever abandoned a website and have your own points to add, we would love to know.

This post is dedicated to PC Tonic, my first blog. After years of tinkering with the site but neglecting the content, I have finally decided to stop working on it. 

]]> 0 614
How We Added Support For AMP Fri, 26 Feb 2016 23:26:30 +0000 AMP, or Accelerated Mobile Pages, is a new runtime developed by Google that aims to load web pages almost instantaneously on mobile devices. AMP achieves this by not allowing a lot of cruft, like most third party JavaScript and stylesheets, on websites.

Google has been urging web developers and creators to make their websites AMP-ready for a few months, and now it has started displaying AMP pages to mobile users all over the world. If a website doesn’t have AMP compatible pages, it’s probably going to take a hit. It’s not just Google – AMP has support from Twitter, Pinterest, LinkedIn, and, among others. These websites will also start sending their users to AMP versions of websites soon.

Seeing how important AMP is, we at Tech Orbiter finally set out to make our posts compatible with this technology. Here’s how we did it.

Note: If you’re using, Automattic has you covered and you don’t need to do anything.

Installed the AMP plugin

Tech Orbiter runs on WordPress(.org), and 80% of our job was done by just installing and activating the official AMP plugin. The plugin loads an AMP compatible template for every post (not pages or archives). The AMP version of the post can then be accessed by adding /amp to the end of its URL. This new URL is automatically notified to Google (and other AMP partners) by the plugin.

Here’s how an AMP post on Tech Orbiter looks like with the default settings.

techorbiter amp-wp default

Pretty good. And very fast! But not without issues.

Added this “glue” plugin to make Yoast SEO compatible with AMP-WP.

If you use Yoast SEO on your site, you should install it too. Eventually, this glue will be baked into the main plugin.

Disabled a few CloudFlare features that are incompatible with AMP

Tech Orbiter sits on top of CloudFlare, an excellent CDN and security service. Unfortunately, many of its features aren’t compatible with AMP, yet. We went around testing and disabling these features.

First off, in the CloudFlare plugin for WordPress, we disabled HTTPS protocol rewriting. This feature creates relative URLs, which are not supported in AMP. Relative URLs helped us move from HTTP to HTTPS comfortably, but we had to disable it for compatibility with AMP.

protocol rewriting cloudflare

As a replacement for relative URLs, we added a content security policy header to our website. In the root .htaccess file (Apache server), we added these lines at the top.

# BEGIN Security Headers
<IfModule mod_headers.c>
Header always set Content-Security-Policy "default-src * https: data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://our-report-url-here"

# END Security Headers

Those familiar with security headers will know that this is not the best way to implement a content security policy, but we did it just to load all elements over HTTPS and discard any insecure element.

You can build a content security policy for your site at this page. Beware that even a slight error in the policy can knock your website offline, so don’t do it unless you’re confident or your site displays mixed content warnings.

We also made some changes in the CloudFlare dashboard by creating a Page Rule. We set up the Page Rule to disable Rocket Loader, Apps, and Security only on the AMP pages. Here’s what our rule looks like.

cloudflare page rules for amp wordpress

The Page Rule works best if your URL ends with a forward slash (/).

Disabled standard AdSense ads and enabled compatible AdSense ads on AMP pages

We use a nifty plugin called Ad Inserter to, well, insert ads into posts. However, the regular ad codes do not work with AMP, so we blacklisted them on AMP pages with a URL filter that looks like this.

adsense blacklist on amp

Obviously, we still wanted to show ads on AMP pages, so we went to the AdSense dashboard and created one 250×250 unit and one 234×60 unit. We chose these units because, 1. responsive units are not supported on AMP (yet), and 2. any wider unit, and it would bleed over to the right on screens with narrow viewports, like low end Android and Windows phones.

After creating the ads, we modified their codes to be compliant with AMP pages, and inserted them into AMP pages by creating a URL whitelist in Ad Inserter.

adsense whitelist on amp

Modified the AMP template to make our AMP pages personal and add Google Analytics code

We already have an extremely useful site plugin for Tech Orbiter, and we added some code to it to modify the default AMP template. A ton of such configuration code is available at the AMP-WP GitHub page, which you should go through.

We added some custom CSS to replace the site title with a logo, and created a class to center the bottom ad unit. We used this class in a div wrapper over the ad code.

amp wordpress techorbiter

We also added code for Google Analytics as mentioned here.

Tested the site for AMP validation in Chrome developer tools

After doing all the above, we tested an AMP page of our site using Chrome developer tools to check whether it passed the AMP validation. And it did! For this check, add #development=1 to your AMP URL, open a new tab in Chrome, press F12 to open developer tools, load the URL, and look in the console for success or error messages.

amp validation chrome dev tools

Even if your site doesn’t pass AMP validation the first time round, you can check what the errors are and fix them.

So yeah, setting up AMP is no walk in the park, but the result is a blazing fast experience for your mobile visitors, and that’s something worth spending a day over. Try it on your WordPress site, and let us know how it went!

]]> 0 580